I think if you set the fault tollerence as an engineering constraint in the
preliminary design and someone is willing to provide the charge code,
Murphy still happens.
Like the space shuttle having all its contingencies yet no ejection system
for the crew or management pushing for a launch even though engineering at
ATK says some o rings need to be checked, or safety officers watching
launch videos for Colombia's post launch and determining that based off of
the puff of something hitting the TPS and the velocity that the STS was at,
that it was most probably damaged but not being able to affect change.
The whole program has to be built for fault tolerance and that requires not
only good hardware design but good management and a great culture within
the organization and its contractors and sub contractors.
On Oct 21, 2016 10:08 PM, "FreeLists Mailing List Manager" <
ecartis@xxxxxxxxxxxxx> wrote:
arocket Digest Fri, 21 Oct 2016 Volume: 04 Issue: 257
In This Issue:
[AR] Re: fault tolerance (was Re: thinking big once more)
----------------------------------------------------------------------
From: Robert Steinke <robert.steinke@xxxxxxxxx>
Date: Fri, 21 Oct 2016 14:22:12 -0600
Subject: [AR] Re: fault tolerance (was Re: thinking big once more)
On Thu, Oct 20, 2016 at 6:25 PM, Jim Davis <jimdavis2@xxxxxxxxxxxxx> wrote:
On 10/19/2016 10:59 PM, Henry Spencer wrote:True that physics makes it more challenging, but more challenging does not
It would be good if you'd explain why you think the *physics* doesn't
permit this.
...
This is why fault tolerance is more challenging in the case of a launch
vehicle when compared to aircraft.
It's a matter of physics.
Jim Davis
